Bazzite · Docker · Nextcloud · Sunshine

One PC. Full Home Server.
On-Demand Gaming Station.

This guide turns a single desktop PC into a 24/7 home server — running self-hosted cloud software, a WireGuard VPN, and hardware-accelerated game streaming — all hardened, headless, and controlled over SSH.

🔒 SSH-First 🐳 Dockerised 📡 WireGuard VPN 🎮 Sunshine/Moonlight ☁️ Nextcloud AIO

What You Get

🖥️

Headless Server

Boots to an idle login screen. All Docker containers run independently in the background, 24/7.

🎮

Gaming Mode

Steam Deck-style gamescope session. Direct GPU scanout, controller-native, launched on demand via SSH.

🖱️

KDE Wayland Desktop

Full KDE Plasma on the physical display whenever you need it, started and stopped remotely.

📡

WireGuard VPN

Encrypted tunnel for Sunshine game streaming and secure remote access — no open RDP ports.

☁️

Nextcloud AIO

Self-hosted cloud storage behind Nginx Proxy Manager with automatic HTTPS via Let's Encrypt.

🔒

Hardened Security

SSH on a custom port with key-only auth, SELinux enforcing, firewalld, and Fail2ban.

---

Minimum Hardware Requirements

💻

CPU 4-core x86_64 minimum. 6-core+ recommended.

🧠

RAM 8 GB DDR4 minimum. 16 GB+ recommended for Fulltextsearch.

💾

OS Drive 120 GB NVMe SSD minimum. Fast read/write recommended.

🗄️

Data Drive A dedicated second drive (any size HDD or SSD) for Nextcloud data.

🖥️

Dummy Plug Required. HDMI or DisplayPort dummy plug ($3–5) for headless GPU init.

🌐

GPU AMD or Intel recommended. NVIDIA works but has limitations in Gaming Mode and Sunshine encoding.

What's a Dummy Plug?

Without a real monitor connected, most GPUs refuse to initialise their display output. A dummy plug is a tiny $3 adapter that pretends to be a monitor — it tricks the GPU into thinking a screen is attached so Gaming Mode and Sunshine can capture the display correctly.

---

Guide Roadmap

Prerequisites

Before You Begin

What to prepare, what to have on hand, and key concepts explained.

Phase 0

OS Installation

Download Bazzite, flash the USB, and install to your machine.

Phase 1

First Boot & SSH

Enable SSH, disable sleep, and lock the machine into headless mode.

Phase 2

Router & Network

Set a static IP reservation and configure port forwarding.

Phase 3

System Packages

Install Docker CE, Fail2ban, and other required packages.

Phase 4

Security Hardening

SSH keys, custom port, SELinux, firewalld, and Fail2ban.

Phase 5

Docker Setup

Enable Docker, add your user to the group, and configure log limits.

Phase 6

Data Drive

Format, mount, and apply SELinux labels to your Nextcloud data drive.

Phase 7

Core Services

Deploy DuckDNS, Nginx Proxy Manager, and Nextcloud AIO with Docker Compose.

Phase 8

Session Scripts

Write the scripts that start and stop KDE, Gaming Mode, and Sunshine.

Phase 9

VPN & Streaming

Deploy wg-easy, configure Sunshine, and connect Moonlight for game streaming.

Phase 10

Nextcloud Init

Link Nextcloud to NPM via SSH tunnels and complete the first-run setup.

Phase 11

Testing & Backups

Validate the full setup with a checklist and configure Borg backups.

Phase 12

One-Click Client

Add a webhook server and client script for one-click gaming sessions.

---

Start: Before You Begin →